Cybersecurity Jobs: The Skills That Make Up the Best Teams

by Seth Robinson | Oct 15, 2018

A thumbprint on a keyboardCybersecurity is one of the hottest topics in IT, and for good reason. As companies go through digital transformation, they are tying their future success to their technology and their data. It’s more important than ever to keep digital assets secure, not just to keep the company running, but also to maintain a good reputation. Facebook’s latest security breach affecting at least 50 million users was just the latest example of how a security incident can impact trust. 

Just as security is becoming more critical, it is also becoming more complex. Attacks are coming from a wide variety of locations, and hackers aren’t just looking for important data they can sell. Many times, they can leverage data that seems unimportant to launch a phishing attack aimed at a bigger target. The end result is still a security breach that can disrupt operations or disappoint customers. As companies explore new types of technology such as the internet of things (IoT) or artificial intelligence (AI), they also expose themselves to new types of attacks.

One tactic that companies are exploring to address the growing importance and complexity of cybersecurity is the creation of focused security teams. CompTIA’s whitepaper on A Functional IT Framework described how security is becoming a standalone discipline for many organizations, and our 2018 Trends in Cybersecurity research report focuses on the details behind building these specialized teams.

The Right Set of Cybersecurity Skills: 3 Considerations

Obviously, one major ingredient of a security team is the level of expertise. The breadth of security attacks demands a similar breadth in security skills. For IT pros who are part of a security team or pursuing some specialization in security, there are three things to consider in building the right set of skills.

  1. Security skills start from a strong foundation. At companies where security is not treated as a standalone function, it is part of the IT infrastructure team. The employees responsible for servers, networks and devices also take responsibility for securing those components.
     

    As security becomes a focus area, cybersecurity specialists usually emerge from an infrastructure background. Especially for the technical aspects of a security team, many companies cite prerequisite skills in areas such as server administration (71 percent), networking (69 percent) or endpoint devices (66 percent). This is why CompTIA A+ is the first step on the CompTIA Cybersecurity Career Pathway.

  2. Securing emerging technology requires emerging techniques. The same models that complicate the security landscape can also provide tools for security professionals. Many security teams are exploring the use of AI to automate monitoring, which allows a smaller team of experts to manage a massive scope of architecture. Of course, the AI has to be trained correctly, and any output has to be analyzed carefully.
     
    Fast track your career. Click here to subscribe today and save 10 percent on CompTIA products.

    These tasks often fall to a cybersecurity analyst, who uses advanced data techniques to ensure the health of IT systems. Only 59 percent of companies feel that their current resources are up to speed on security analytics. This gap can be closed with the CompTIA Cybersecurity Analyst (CySA+) certification.

  3. Being proactive is a key part of modern security. For a long time, security has primarily focused on building a strong defense. Firewalls have defined a secure perimeter, and antivirus has provided an extra layer of protection on endpoint devices. Unfortunately, cloud computing and mobile devices have shot holes in the secure perimeter, and the number of attacks happening nearly guarantees that a breach will eventually occur.
     

    The best security, then, doesn’t simply hope that all attacks can be prevented. It also searches proactively for any vulnerabilities, taking the same techniques that hackers use and identifying weaknesses. This activity requires a different mindset in an organization, and it’s not surprising to see that just 46 percent of companies feel that penetration testing is a current skill. The new CompTIA PenTest+ certification was developed to address this growing need.

Security teams aren’t popping up all over the place yet, but they appear to be an emerging strategy for companies trying to get serious about improving their security posture. Whether someone is just starting on a cybersecurity career path or hoping to build some advanced skills, there is no shortage of options that could make an IT pro a valuable member of a security team.

Wondering what's on a CompTIA certification exam? Download the exam objectives to see if you have the skills needed by cybersecurity teams.

7 Comments

  • Tandile Ngqumetyana

    Wednesday, October 17, 2018

    I would love to learn Cybersecurity. And get a job thank you Comptia.

  • Vanessa

    Wednesday, October 17, 2018

    Mr. Robinson, What do you mean when you state, "This gap can be closed with the CompTIA Cybersecurity Analyst (CySA+) certification?"

  • Seth

    Wednesday, October 17, 2018

    Vanessa, I'm talking about the skills gap that exists at the 41 percent of companies that don't feel their cybersecurity analytics skills are up to speed. CySA+ training and certification can address the skills that they need to build (and there is probably also room for skill growth in the 59 percent of companies who feel comfortable with those skills at their organization).

  • Cyberseeker

    Thursday, October 18, 2018

    Hi , Do you think the Cybersecurity Analyst role will become obsolete due to AI machine learning. It seems like position will taken over by automation . For someone who is interested in this field , the possibility of Automation can determine one motivation for entering the field.

  • Thursday, October 18, 2018

    Thanks for your question! We don't don't expect machines to fully replace the cybersecurity analyst role. Analysis is very hard to automate - it's more than just identifying patterns and abnormalities. It requires judgement and critical thinking. The human element of cybersecurity is very important, so we expect this role to be relevant for a long time.

  • Dani B

    Thursday, October 18, 2018

    I am looking to switch careers. I have a strong business background, some coding skills HTML, CSS, some Java and I'm super techy. I know there is a huge need for Cyber Security employees but most jobs that I'm seeing require experience. How do you get around that catch 22? Wondering if a Cyber security boot camp will help or not. Thank you

  • Thursday, October 18, 2018

    Hi, Dani! Thanks for your question. Experience can come from anywhere - it doesn't necessarily have to be from an IT job. Start by identifying the skills needed for the job that you're interested in and be creative in how to get that experience. The exam objectives for CompTIA Security+, CySA+ and PenTest+ can help you identify the skills employers look for. Search for YouTube videos or invest in training like a boot camp, ITProTV or CertMaster Learn to get up to speed. Then you could get virtualization software, like VMWare or VirtualBox, and create your own network. The best way to learn is to try things out and make mistakes. Once you feel confident in your skills, consider getting a cybersecurity certification and find ways to gain real-world experience - help your friends and family to secure their home networks or volunteer to secure the network of a nonprofit. Good luck!

Leave a Comment

Boost your Career with a Certification

Find out more about our Certifications

How to get Certified

4 Steps to Certification

Already certified? Let us and others know!

Share Your Story